Home
Check Point

Check Point Policy Backup Using Migrate Utility

Maintaining a secure network environment requires consistent backups of your Check Point Security Management Server (SMS) configuration. The migrate utility offers a powerful solution for exporting and importing your policy database, ensuring a smooth restoration process in case of unexpected events.

The migrate utility can be found in $FWDIR/bin/upgrade_tools/ directory

Benefits of Migrate Export and Import:

  • Seamless Disaster Recovery: In the event of a disaster, having a migrate export readily available allows for a swift restoration of your security configuration, minimizing downtime and getting your network back up and running quickly.
  • Future-Proof Backups: Unlike traditional backups tied to specific hardware, migrate exports are hardware-independent. This means you can restore your configuration to a completely different server without compatibility concerns, ensuring your security policies remain in effect regardless of hardware changes.
  • Comprehensive Configuration Capture: Migrate captures your entire Check Point configuration, encompassing essential elements like security policies (packages), VPN communities, objects, and licenses. This provides a complete security posture snapshot, eliminating the need for manual configuration recreation during restoration.

Migrate Export:

unset TMOUT
Check the services of management server 
cpwd_admin list
It is recommected to stop all management services before database export 
cpstop
Once the services are stpped go to migrate utility path 
cd $FWDIR/bin/upgrade_tools/
Now run the export command 
./migrate export /var/tmp/MGMT_Migrate_Export
Once the database export is completed check the md5 value 
md5sum /var/tmp/MGMT_Migrate_Export.tgz
Now start the all services 
cpstart
Check whether all services sarted or not 
cpwd_admin list
Now copy the exported file into local system or ftp server

Migrate Import:

Copy the exported database file into new management server

Always copy exported file into /opt/CPsuite-R81.10/fw1/bin/upgrade_tools/ or $FWDIR/bin/upgrade_tools/ directory, both the directories are same

unset TMOUT
verify the md5 value befor import 
md5sum $FWDIR/bin/upgrade_tools/MGMT_Migrate_Export.tgz
once the md5 is verified stop the all services 
cpstop
Now run the Import command 
./migrate import $FWDIR/bin/upgrade_tools/MGMT_Migrate_Export.tgz
Once the database is imported successfully start the checkpoint services 
cpstart
Check whether all services are started or not 
cpwd_admin list

Conclusion:

The migrate utility provides a reliable and efficient approach to backing up and restoring your Check Point Security Management Server's policy database. By incorporating this practice into your routine, you can ensure business continuity and minimize downtime during unforeseen circumstances. Remember, following best practices like stopping services before export and verifying file integrity strengthens your backup strategy.

This is an example of migrate export and import operation. It's a best practice to execute cpstop. Once the export or import operation is completed, execute cpstart to start Security Management Server services.

Migrate Export and Import Example:

[Expert@MGMT:0]# fw ver
This is Check Point's software version R81.10 - Build 883
[Expert@MGMT:0]#
[Expert@MGMT:0]# unset TMOUT
[Expert@MGMT:0]#
[Expert@MGMT:0]# clear
[Expert@MGMT:0]# fw ver
This is Check Point's software version R81.10 - Build 883
[Expert@MGMT:0]# unset TMOUT
[Expert@MGMT:0]# cpwd_admin list
APP        PID    STAT  #START  START_TIME             MON  COMMAND
CPVIEWD    16920  E     1       [11:29:50] 15/8/2022   N    cpviewd
CPVIEWS    16925  E     1       [11:29:50] 15/8/2022   N    cpview_services
CPD        16940  E     1       [11:29:50] 15/8/2022   Y    cpd
FWD        16997  E     1       [11:29:51] 15/8/2022   N    fwd -n
FWM        17004  E     1       [11:29:51] 15/8/2022   N    fwm
FWMHA      17027  E     1       [11:29:52] 15/8/2022   N    fwmha -H
STPR       17067  E     1       [11:29:52] 15/8/2022   N    status_proxy
CPM        17586  E     1       [11:29:58] 15/8/2022   N    /opt/CPsuite-R81.10/fw1/scripts/cpm.sh -s
SOLR       17796  E     1       [11:30:01] 15/8/2022   N    java_solr
RFL        17841  E     1       [11:30:02] 15/8/2022   N    LogCore
SMARTVIEW  17882  E     1       [11:30:02] 15/8/2022   N    SmartView
INDEXER    18017  E     1       [11:30:04] 15/8/2022   N    /opt/CPrt-R81.10/log_indexer/log_indexer
SMARTLOG_SERVER 18104  E     1       [11:30:06] 15/8/2022   N    /opt/CPSmartLog-R81.10/smartlog_server
REPMAN     18918  E     1       [11:30:18] 15/8/2022   N    java_repository_manager
DASERVICE  18937  E     1       [11:30:18] 15/8/2022   N    DAService_script
AUTOUPDATER 18961  E     1       [11:30:18] 15/8/2022   N    AutoUpdaterService.sh
CPSM       28986  E     2       [11:43:37] 15/8/2022   N    cpstat_monitor
[Expert@MGMT:0]# cpstop
cpwd_admin:
Process AUTOUPDATER terminated
cpwd_admin:
Process DASERVICE terminated
Stopping Repository Manager ...
Repository Manager stopped
UEPM: Endpoint Security Management isn't activated
Stop Search Infrastructure...
Stop Log Indexer...
cpwd_admin:
Process INDEXER (pid=18017) stopped with command "kill 18017". Exit code 0.
Stop SmartLog Server...
cpwd_admin:
Process SMARTLOG_SERVER (pid=18104) stopped with command "kill 18104". Exit code 0.
Stop SmartView ...
Stopping SmartView via CPWD
cpwd_admin:
Process SMARTVIEW terminated
cpwd_admin:
successful Detach operation
Stopping RFL ...
cpwd_admin:
Process RFL terminated
cpwd_admin:
successful Detach operation
RFL stopped
Stopping Solr ...
Sending stop command to Solr running on port 8210 ... waiting up to 60 seconds to allow Jetty process 17796 to stop gracefully.
cpwd_admin:
Process SOLR process has been already terminated
cpwd_admin:
successful Detach operation
Solr stopped
dbsync is not running
Stopping Log Adjuster Service...
SmartView Monitor: Management stopped
MAAS is not installed
FireWall-1: cpm stopped
FireWall-1: fwm stopped
VPN-1/FW-1 stopped
Stopping Critical Alerts Sensor
SVN Foundation: cpd stopped
Stopping cpviewd
cpwd_admin:
Process CPD process has been already terminated
cpwd_admin:
successful Del operation
cpwd_admin:
Process FWD process has been already terminated
cpwd_admin:
successful Del operation
cpwd_admin:
Process FWM process has been already terminated
cpwd_admin:
successful Del operation
cpwd_admin:
Process FWMHA process has been already terminated
cpwd_admin:
successful Del operation
cpwd_admin:
Process STPR process has been already terminated
cpwd_admin:
successful Del operation
cpwd_admin:
Process CPM process has been already terminated
cpwd_admin:
successful Del operation
cpwd_admin:
Process DASERVICE process has been already terminated
cpwd_admin:
successful Del operation
cpwd_admin:
Process AUTOUPDATER process has been already terminated
cpwd_admin:
successful Del operation
cpwd_admin:
Process CPSM process has been already terminated
cpwd_admin:
successful Del operation
cpwd_admin: cpWatchDog killed
SVN Foundation: cpWatchDog stopped
SVN Foundation stopped
[Expert@MGMT:0]# cd $FWDIR/bin/upgrade_tools/
[Expert@MGMT:0]# ./migrate export /var/tmp/MGMT_Migrate_Export


You are required to close all clients to Security Management Server
or execute 'cpstop' before the Export operation begins.

Do you want to continue? (y/n) [n]? y


Copying required files...
Compressing files...

The operation completed successfully.

Location of archive with exported database: /var/tmp/MGMT_Migrate_Export.tgz

[Expert@MGMT:0]# md5sum /var/tmp/MGMT_Migrate_Export
md5sum: /var/tmp/MGMT_Migrate_Export: No such file or directory
[Expert@MGMT:0]# md5sum /var/tmp/MGMT_Migrate_Export.tgz
eb85b14f305a2001601f1fae0eee8d39  /var/tmp/MGMT_Migrate_Export.tgz
[Expert@MGMT:0]# md5sum /var/tmp/MGMT_Migrate_Export.tgz
eb85b14f305a2001601f1fae0eee8d39  /var/tmp/MGMT_Migrate_Export.tgz
[Expert@MGMT:0]# cpstart

SVN Foundation: Starting cpWatchDog
Starting cpviewd
starting the cpview_services daemon
cpwd_admin:
Process CPVIEWS started successfully (pid=34086)
Starting Critical Alerts Sensor...
SVN Foundation: Starting cpd
SVN Foundation started
MAAS is not installed
FireWall-1: Starting fwd
FireWall-1: Starting cpm. Please wait...
[1] 34150
FireWall-1: Finished starting cpm successfully
FireWall-1: Starting fwm (Security Management Server)
Starting fwmha (Security Management Server High Availability)

FireWall-1: This is a Security Management server. No security policy will be loaded
FireWall-1 started
SmartView Monitor: Not active
Start Search Infrastructure...
pg_ctl: another server might be running; trying to start server anyway
pg_ctl: could not start server
Examine the log output.
cpwd_admin:
Process SOLR started successfully (pid=35005)
Starting RFL ...
cpwd_admin:
Process RFL started successfully (pid=35053)
Starting SmartView ...
Starting SmartView...
cpwd_admin:
Process SMARTVIEW started successfully (pid=35085)
Start Log Indexer...
cpwd_admin:
Process INDEXER started successfully (pid=35193)
Start SmartLog Server...
cpwd_admin:
Process SMARTLOG_SERVER started successfully (pid=35279)

No need to run Adjuster Service - no clients were found
UEPM: Endpoint Security Management isn't activated and will not be started
cpwd_admin:
Process DASERVICE started successfully (pid=36131)
cpwd_admin:
Process AUTOUPDATER started successfully (pid=36152)
cpstart: Power-Up self tests passed successfully

cpstart: Starting product - SVN Foundation


cpstart: Starting product - VPN-1


cpstart: Starting product - SmartView Monitor


cpstart: Starting product - SmartEvent


cpstart: Starting product - UEPM


cpstart: Starting product - Repository Manager


cpstart: Starting product - Deployment Agent


cpstart: Starting product - Auto Updater


cpstart: Starting product - VSX

[Expert@MGMT:0]# cpwd_admin list
APP        PID    STAT  #START  START_TIME             MON  COMMAND
CPVIEWD    34081  E     1       [12:06:17] 15/8/2022   N    cpviewd
CPVIEWS    34086  E     1       [12:06:17] 15/8/2022   N    cpview_services
CPD        34106  E     1       [12:06:18] 15/8/2022   N    cpd
FWD        34149  E     1       [12:06:19] 15/8/2022   N    fwd -n
FWM        34157  E     1       [12:06:19] 15/8/2022   N    fwm
FWMHA      34163  E     1       [12:06:19] 15/8/2022   N    fwmha -H
STPR       34186  E     1       [12:06:19] 15/8/2022   N    status_proxy
CPM        34744  E     1       [12:06:25] 15/8/2022   N    /opt/CPsuite-R81.10/fw1/scripts/cpm.sh -s
SOLR       35005  E     1       [12:06:28] 15/8/2022   N    java_solr
RFL        35053  E     1       [12:06:28] 15/8/2022   N    LogCore
SMARTVIEW  35085  E     1       [12:06:28] 15/8/2022   N    SmartView
INDEXER    35193  E     1       [12:06:30] 15/8/2022   N    /opt/CPrt-R81.10/log_indexer/log_indexer
SMARTLOG_SERVER 35279  E     1       [12:06:31] 15/8/2022   N    /opt/CPSmartLog-R81.10/smartlog_server
REPMAN     36114  E     1       [12:06:41] 15/8/2022   N    java_repository_manager
DASERVICE  36131  E     1       [12:06:41] 15/8/2022   N    DAService_script
AUTOUPDATER 36152  E     1       [12:06:41] 15/8/2022   N    AutoUpdaterService.sh
[Expert@MGMT:0]#
[Expert@MGMT:0]# fw ver
This is Check Point's software version R81.10 - Build 883
[Expert@MGMT:0]# unset TMOUT
[Expert@MGMT:0]# md5sum $FWDIR/bin/upgrade_tools/MGMT_Migrate_Export.tgz
eb85b14f305a2001601f1fae0eee8d39  /opt/CPsuite-R81.10/fw1/bin/upgrade_tools/MGMT_Migrate_Export.tgz
[Expert@MGMT:0]# $FWDIR/bin/upgrade_tools/
bash: /opt/CPsuite-R81.10/fw1/bin/upgrade_tools/: Is a directory
[Expert@MGMT:0]#
[Expert@MGMT:0]# cpstop
cpwd_admin:
Process AUTOUPDATER terminated
cpwd_admin:
Process DASERVICE terminated
Stopping Repository Manager ...
Repository Manager stopped
UEPM: Endpoint Security Management isn't activated
Stop Search Infrastructure...
Stop Log Indexer...
cpwd_admin:
Process INDEXER (pid=35193) stopped with command "kill 35193". Exit code 0.
Stop SmartLog Server...
cpwd_admin:
Process SMARTLOG_SERVER (pid=35279) stopped with command "kill 35279". Exit code 0.
Stop SmartView ...
Stopping SmartView via CPWD
cpwd_admin:
Process SMARTVIEW terminated
cpwd_admin:
successful Detach operation
Stopping RFL ...
cpwd_admin:
Process RFL terminated
cpwd_admin:
successful Detach operation
RFL stopped
Stopping Solr ...
Sending stop command to Solr running on port 8210 ... waiting up to 60 seconds to allow Jetty process 35005 to stop gracefully.
cpwd_admin:
Process SOLR process has been already terminated
cpwd_admin:
successful Detach operation
Solr stopped
dbsync is not running
Stopping Log Adjuster Service...
SmartView Monitor: Management stopped
MAAS is not installed
FireWall-1: cpm stopped
FireWall-1: fwm stopped
VPN-1/FW-1 stopped
Stopping Critical Alerts Sensor
SVN Foundation: cpd stopped
Stopping cpviewd
cpwd_admin:
Process CPD process has been already terminated
cpwd_admin:
successful Del operation
cpwd_admin:
Process FWD process has been already terminated
cpwd_admin:
successful Del operation
cpwd_admin:
Process FWM process has been already terminated
cpwd_admin:
successful Del operation
cpwd_admin:
Process FWMHA process has been already terminated
cpwd_admin:
successful Del operation
cpwd_admin:
Process STPR process has been already terminated
cpwd_admin:
successful Del operation
cpwd_admin:
Process CPM process has been already terminated
cpwd_admin:
successful Del operation
cpwd_admin:
Process DASERVICE process has been already terminated
cpwd_admin:
successful Del operation
cpwd_admin:
Process AUTOUPDATER process has been already terminated
cpwd_admin:
successful Del operation
cpwd_admin:
Process CPSM process has been already terminated
cpwd_admin:
successful Del operation
cpwd_admin: cpWatchDog killed
SVN Foundation: cpWatchDog stopped
SVN Foundation stopped
[Expert@MGMT:0]#
[Expert@MGMT:0]# ./migrate import $FWDIR/bin/upgrade_tools/MGMT_Migrate_Export.tgz
The import operation will eventually stop all Check Point services (cpstop).
Do you want to continue? (y/n) [n]? y


Extracting the database...
Stopping all Check Point services (cpstop)...
 cpwd_admin: Failed to submit request to cpWatchDog
 cpwd_admin: Failed to submit request to cpWatchDog
Stopping Repository Manager ...
There is no Repository Manager process running.
UEPM: Endpoint Security Management isn't activated
Stop Search Infrastructure...
Stop Log Indexer...
Stop SmartLog Server...
Stop SmartView ...
Stopping RFL ...
RFL stopped
Stopping Solr ...
There is no process SOLR run.
dbsync is not running
Stopping Log Adjuster Service...
SmartView Monitor: Management stopped
MAAS is not installed
FireWall-1: cpm stopped
FireWall-1: fwm stopped
VPN-1/FW-1 stopped
Stopping Critical Alerts Sensor
SVN Foundation: failed to stop cpd
Stopping cpviewd
 cpwd_admin: Failed to submit request to cpWatchDog
 cpwd_admin: Failed to submit request to cpWatchDog
SVN Foundation: cpWatchDog is not running
SVN Foundation stopped
Importing files...

The import operation completed successfully.
Do you wish to start Check Point services? (y/n) [y]? y

[Expert@MGMT:0]# cpwd_admin list
APP        PID    STAT  #START  START_TIME             MON  COMMAND
CPVIEWD    51183  E     1       [12:29:29] 15/8/2022   N    cpviewd
CPVIEWS    51188  E     1       [12:29:29] 15/8/2022   N    cpview_services
CPD        51206  E     1       [12:29:30] 15/8/2022   Y    cpd
FWD        51255  E     1       [12:29:32] 15/8/2022   N    fwd -n
FWM        51259  E     1       [12:29:32] 15/8/2022   N    fwm
FWMHA      51262  E     1       [12:29:32] 15/8/2022   N    fwmha -H
STPR       51290  E     1       [12:29:32] 15/8/2022   N    status_proxy
CPM        51864  E     1       [12:29:38] 15/8/2022   N    /opt/CPsuite-R81.10/fw1/scripts/cpm.sh -s
SOLR       52064  E     1       [12:29:41] 15/8/2022   N    java_solr
RFL        52112  E     1       [12:29:42] 15/8/2022   N    LogCore
SMARTVIEW  52158  E     1       [12:29:42] 15/8/2022   N    SmartView
INDEXER    52256  E     1       [12:29:43] 15/8/2022   N    /opt/CPrt-R81.10/log_indexer/log_indexer
SMARTLOG_SERVER 52338  E     1       [12:29:45] 15/8/2022   N    /opt/CPSmartLog-R81.10/smartlog_server
REPMAN     52972  E     1       [12:29:52] 15/8/2022   N    java_repository_manager
DASERVICE  52992  E     1       [12:29:52] 15/8/2022   N    DAService_script
AUTOUPDATER 53011  E     1       [12:29:52] 15/8/2022   N    AutoUpdaterService.sh
[Expert@MGMT:0]#
#Check Point

Post a Comment

Cookie Consent
We serve cookies on this site to analyze traffic, remember your preferences, and optimize your experience.
More Details
Oops!
It seems there is something wrong with your internet connection. Please connect to the internet and start browsing again.
AdBlock Detected!
We have detected that you are using adblocking plugin in your browser.
The revenue we earn by the advertisements is used to manage this website, we request you to whitelist our website in your adblocking plugin.
Site is Blocked
Sorry! This site is not available in your country.